geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From xuhaih...@apache.org
Subject svn commit: r940477 - in /geronimo/server/trunk/plugins: j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/merge/ j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/ tomcat/geronimo-tomcat7/src/main/java/org...
Date Mon, 03 May 2010 14:54:42 GMT
Author: xuhaihong
Date: Mon May  3 14:54:42 2010
New Revision: 940477

URL: http://svn.apache.org/viewvc?rev=940477&view=rev
Log:
1. Use a full loop to find the web-fragment.xml in the embedded jar file of the bundle, might
be easier once we have full ear support
2. Use the deploymentDescriptor to calculate the component permission, currently, it seems
that we have no way to read the web.xml while the package is of ear type

Modified:
    geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/merge/MergeHelper.java
    geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java

Modified: geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/merge/MergeHelper.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/merge/MergeHelper.java?rev=940477&r1=940476&r2=940477&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/merge/MergeHelper.java
(original)
+++ geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/merge/MergeHelper.java
Mon May  3 14:54:42 2010
@@ -21,7 +21,6 @@ import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
-import java.lang.reflect.Array;
 import java.net.URL;
 import java.util.ArrayList;
 import java.util.Enumeration;
@@ -34,6 +33,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.zip.ZipEntry;
+import java.util.zip.ZipInputStream;
 
 import javax.servlet.ServletContainerInitializer;
 import javax.servlet.annotation.HandlesTypes;
@@ -360,31 +360,34 @@ public class MergeHelper {
         if (enumeration != null) {
             while (enumeration.hasMoreElements()) {
                 String url = enumeration.nextElement();
-                if (url.endsWith(".jar")) {
-                    URL webFragmentUrl = bundle.getEntry(url + "/META-INF/web-fragment.xml");
-                    WebFragmentDocument webFragmentDocument = null;
-                    if (webFragmentUrl != null) {
-                        InputStream in = null;
-                        try {
-                            in = webFragmentUrl.openStream();
+                if (!url.endsWith(".jar")) {
+                    continue;
+                }
+                WebFragmentDocument webFragmentDocument = null;
+                ZipInputStream in = null;
+                try {
+                    in = new ZipInputStream(bundle.getEntry(url).openStream());
+                    ZipEntry entry;
+                    while ((entry = in.getNextEntry()) != null) {
+                        if (entry.getName().equals("META-INF/web-fragment.xml")) {
                             webFragmentDocument = (WebFragmentDocument) XmlBeansUtil.parse(in);
-                            //Hopefully, XmlBeansUtil should help to check most of errors
against the schema files, like none null servlet-name etc.
-                            XmlBeansUtil.validateDD(webFragmentDocument);
-                        } catch (IOException e) {
-                            logger.error("Fail to parse web-fragment.xml files in jar " +
url, e);
-                            throw new DeploymentException("Fail to scan web-fragment.xml
files", e);
-                        } catch (XmlException e) {
-                            logger.error("Fail to parse web-fragment.xml files in jar " +
url, e);
-                            throw new DeploymentException("Fail to scan web-fragment.xml
files", e);
-                        } finally {
-                            IOUtils.close(in);
+                            break;
                         }
-                    } else {
-                        webFragmentDocument = WebFragmentDocument.Factory.newInstance();
-                        webFragmentDocument.setWebFragment(WebFragmentType.Factory.newInstance());
                     }
-                    jarUrlWebFragmentDocumentMap.put(url, webFragmentDocument);
+                } catch (IOException e) {
+                    logger.error("Fail to parse web-fragment.xml files in jar " + url, e);
+                    throw new DeploymentException("Fail to scan web-fragment.xml files",
e);
+                } catch (XmlException e) {
+                    logger.error("Fail to parse web-fragment.xml files in jar " + url, e);
+                    throw new DeploymentException("Fail to scan web-fragment.xml files",
e);
+                } finally {
+                    IOUtils.close(in);
+                }
+                if (webFragmentDocument == null) {
+                    webFragmentDocument = WebFragmentDocument.Factory.newInstance();
+                    webFragmentDocument.setWebFragment(WebFragmentType.Factory.newInstance());
                 }
+                jarUrlWebFragmentDocumentMap.put(url, webFragmentDocument);
             }
             webFragmentEntries = sortWebFragments(earContext, module, bundle, webApp, jarUrlWebFragmentDocumentMap);
         } else {
@@ -448,7 +451,7 @@ public class MergeHelper {
                 webFragmentTypes[iIndex++] = webFragmentOrderEntry.webFragmentEntry;
             }
             //TODO really not save?
-//            saveOrderedLibAttribute(earContext, webFragmentTypes);
+            //            saveOrderedLibAttribute(earContext, webFragmentTypes);
             return webFragmentTypes;
         }
         LinkedList<WebFragmentOrderEntry> webFragmentOrderEntryList = null;

Modified: geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java?rev=940477&r1=940476&r2=940477&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java
(original)
+++ geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/SpecSecurityBuilder.java
Mon May  3 14:54:42 2010
@@ -146,6 +146,25 @@ public class SpecSecurityBuilder {
         initialize();
     }
 
+    public SpecSecurityBuilder(Bundle bundle, String deploymentDescriptor, boolean annotationScanRequired)
{
+        this.bundle = bundle;
+        this.annotationScanRequired = annotationScanRequired;
+        if (deploymentDescriptor == null || deploymentDescriptor.length() == 0) {
+            initialWebApp = WebAppType.Factory.newInstance();
+        } else {
+            try {
+                XmlObject parsed = XmlBeansUtil.parse(deploymentDescriptor);
+                WebAppDocument webAppDoc = SchemaConversionUtils.convertToServletSchema(parsed);
+                initialWebApp = webAppDoc.getWebApp();
+            } catch (XmlException e) {
+                throw new IllegalArgumentException("Error parsing web.xml for " + bundle.getSymbolicName(),
e);
+            } catch (Exception e) {
+                throw new IllegalArgumentException("Error reading web.xml for " + bundle.getSymbolicName(),
e);
+            }
+        }
+        initialize();
+    }
+
     public void declareRoles(String... roleNames) {
         //Let's go ahead to directly add the roles to the securityRoles set. The set will
be used in the collectRoleNames method.
         for (String roleName : roleNames) {

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java?rev=940477&r1=940476&r2=940477&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
Mon May  3 14:54:42 2010
@@ -291,8 +291,8 @@ public class GeronimoStandardContext ext
     private void addJACCSecurityLifecycleListener(TomcatWebAppContext tomcatWebAppContext)
throws DeploymentException {
         float schemaVersion = (Float) tomcatWebAppContext.getDeploymentAttribute(WebAttributeName.SCHEMA_VERSION.name());
         boolean metaComplete = (Boolean) tomcatWebAppContext.getDeploymentAttribute(WebAttributeName.META_COMPLETE.name());
-        addLifecycleListener(new JACCSecurityLifecycleListener(bundle, schemaVersion >=
2.5f && !metaComplete, tomcatWebAppContext.getApplicationPolicyConfigurationManager(),
tomcatWebAppContext
-                .getSecurityHolder().getPolicyContextID()));
+        addLifecycleListener(new JACCSecurityLifecycleListener(bundle, tomcatWebAppContext.getDeploymentDescriptor(),
schemaVersion >= 2.5f && !metaComplete, tomcatWebAppContext
+                .getApplicationPolicyConfigurationManager(), tomcatWebAppContext.getSecurityHolder().getPolicyContextID()));
     }
 
     private final Object instanceListenersLock = new Object();

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java?rev=940477&r1=940476&r2=940477&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
Mon May  3 14:54:42 2010
@@ -51,11 +51,15 @@ public class JACCSecurityLifecycleListen
 
     private ApplicationPolicyConfigurationManager applicationPolicyConfigurationManager;
 
-    public JACCSecurityLifecycleListener(Bundle bundle, boolean annotationScanRequired, ApplicationPolicyConfigurationManager
applicationPolicyConfigurationManager, String contextId) {
+    private String deploymentDescriptor;
+
+    public JACCSecurityLifecycleListener(Bundle bundle, String deploymentDescriptor, boolean
annotationScanRequired, ApplicationPolicyConfigurationManager applicationPolicyConfigurationManager,
+            String contextId) {
         this.bundle = bundle;
         this.contextId = contextId;
         this.annotationScanRequired = annotationScanRequired;
         this.applicationPolicyConfigurationManager = applicationPolicyConfigurationManager;
+        this.deploymentDescriptor = deploymentDescriptor;
     }
 
     @Override
@@ -63,7 +67,7 @@ public class JACCSecurityLifecycleListen
         String lifecycleEventType = lifecycleEvent.getType();
         if (lifecycleEventType.equals(Lifecycle.BEFORE_START_EVENT)) {
             //Initialize SpecSecurityBuilder
-            SpecSecurityBuilder specSecurityBuilder = new SpecSecurityBuilder(bundle, annotationScanRequired);
+            SpecSecurityBuilder specSecurityBuilder = new SpecSecurityBuilder(bundle, deploymentDescriptor,
annotationScanRequired);
             GeronimoStandardContext standardContext = (GeronimoStandardContext) lifecycleEvent.getSource();
             GeronimoApplicationContext applicationContext = (GeronimoApplicationContext)
standardContext.getInternalServletContext();
             applicationContext.setSpecSecurityBuilder(specSecurityBuilder);

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java?rev=940477&r1=940476&r2=940477&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
Mon May  3 14:54:42 2010
@@ -25,6 +25,8 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
 
+import javax.security.auth.login.LoginException;
+import javax.security.jacc.PolicyContextException;
 import javax.transaction.TransactionManager;
 
 import org.apache.felix.karaf.jaas.boot.ProxyLoginModule;
@@ -142,12 +144,19 @@ public abstract class AbstractWebModuleT
                 null);
     }
 
-    private ApplicationPolicyConfigurationManager setUpJACC(Map<String, SubjectInfo>
roleDesignates, Map<Principal, Set<String>> principalRoleMap, ComponentPermissions
componentPermissions, String policyContextId) throws Exception {
+    private ApplicationPolicyConfigurationManager setUpJACC(Map<String, SubjectInfo>
roleDesignates, Map<Principal, Set<String>> principalRoleMap, ComponentPermissions
componentPermissions,
+            String policyContextId) throws Exception {
         setUpSecurityService();
         PrincipalRoleMapper roleMapper = new ApplicationPrincipalRoleConfigurationManager(principalRoleMap,
null, roleDesignates, null);
         Map<String, ComponentPermissions> contextIDToPermissionsMap = new HashMap<String,
ComponentPermissions>();
         contextIDToPermissionsMap.put(policyContextId, componentPermissions);
-        ApplicationPolicyConfigurationManager jacc = new ApplicationPolicyConfigurationManager(contextIDToPermissionsMap,
roleMapper, cl);
+        ApplicationPolicyConfigurationManager jacc = new ApplicationPolicyConfigurationManager(contextIDToPermissionsMap,
roleMapper, cl) {
+
+            @Override
+            public void updateApplicationPolicyConfiguration(Map<String, ComponentPermissions>
arg0) throws PolicyContextException, ClassNotFoundException, LoginException {
+                //JACCSecurity Test build the ComponnentPermissions manually, use an empty
update method to prevent JACCSecurityListener to update the permissions
+            }
+        };
         jacc.doStart();
         return jacc;
     }



Mime
View raw message